[QA] 2.0.0 Testplan #132

jnweiger · 2021-01-12T00:49:18Z

Setup

Setup details (click to view)

Automated setup script: https://github.com/owncloud-docker/compose-playground/blob/master/examples/hetzner-deploy/make_openidconnect_test.sh

References:

Testplan

openidconnect-1.0.0 Web UI + desktop client 2.7.5RC2

Test Case	Description	Expected	Result	Comments
Installation
Fresh install	`occ app:enable openidconnect`	app gets enabled	✔️
Fresh install	disable/enable via admin web gui	app gets disabled/enabled	✔️
Update from 1.0.0	disable, unpack new tar, enable via admin web gui	app gets enabled	✔️	`occ upgrade` is needed. #135
User flow
Correct OIDC URL	Set a correct OIDC URL	Connection set to the URL	✔️	as per INIT.bashrc
Enter correct iDP credentials	1. Set a correct OIDC URL 2. Enter correct credentials	Authorization is requested	✔️
Authorization	Authorize permissions and session	iDP finishes web browser and redirects to the client	✔️
Cancel login process	1. Set a correct OIDC URL 2. In iDP, cancel login process	Back to client	✔️	Error in OpenIdConnect:Error: access_denied Description: consent denied
Logout	1. Complete login process in a OIDC server 2. Logout in the idP	Session logged out. Needed credentials again to enter the account	✔️	Stranded at kopano-url, oc-url would be better
Request flow
Check `openid-configuration` request	Enter an URL of OIDC server	The .well-known /openid-configuration endpoint must be checked to assure availability of OIDC. Response received	✔️
`register` endpoint available	In case the server supports Dynamic Client Registration, `register` endpoint is requested	Client id and secret id (not mandatory) is retrieved	✔️
idP flow	Enter credentials in iDP	The `logon` endpoint is requested after entering credentials The `authorize` endpoint is requested after authorizing	✔️	/signin/v1/chooseaccount /signin/v1/identifier /signin/v1/consent http://localhost:44155/
idP flow with dynamic client registration	Enter credentials in iDP	The `logon` endpoint is requested after entering credentials The `authorize` endpoint is requested after authorizing using client id and secret id granted by register endpoint
Redirection	Authorize session in idP	Web browser redirects correctly to the client and with session opened	✔️
Token Renewal	Wait till session time is exceed	`token` endoint is requested with refresh token to get a new token. This must be transparent for the client	✔️	01-22 09:10:46:385 [ info sync.httplogger ]: ... "expires_in": 600\n}\n]" 01-22 09:21:03:624 [ info sync.credentials.http ]: Refreshing token 01-22 09:21:03:759 [ info sync.httplogger ]: ... Request: POST ... /konnect/v1/token
ClientId/SecretiD renewal	Wait till clientId/SecretId granted by register endpoint, expire	New ClientId/SecretId must be granted to request new tokens	✔️	renewal seen after 10 minutes. See log example below #132 (comment)
Migration
Basic -> OIDC	1. Login in basic auth server 2. Enable maintenance mode and upgrade to OIDC 3. Disable maintenance mode	Session expires and user must re-authenticate against new OIDC	❌	no session timeout #136
Basic -> OIDC	1. Login in basic auth server 2. Enable maintenance mode and upgrade to OIDC 3. add `'token_auth_enforced' => true` to config.php 4. Disable maintenance mode	Client shows and error and user must re-authenticate against new OIDC	✔️	`Server replied "599"` after 30 sec.
OAuth2 -> OIDC	1. Login in OAuth2 server 2. Enable maintenance mode and upgrade to OIDC 3. Disable maintenance mode	Token not valid anymore, and user must re-authenticate against new OIDC	🚧	Unclear expectations: #66 (comment)
OAuth2 -> OIDC + OAuth2	1. Login in OAuth2 server 2. Enable maintenance mode and upgrade to OIDC, keeping Oauth2 enabled 3. Disable maintenance mode	Token is valid anymore. Must re-authenticate to start using OIDC	🚧

Android

After releasing 2.16, authentication library will be replaced for a custom implementation. Tests here will be done with such implementation as well

Actually, Android does not support Dynamic Client Registration yet.

Openidconnect: 2.0.0RC1
Device: Google Pixel 2
Android version: 11

Test Case	Description	Expected	Result	Comments
User flow
Correct OIDC URL	Set a correct OIDC URL	Connection set to the URL	2.16: ✅ New: ✅
Enter correct iDP credentials	1. Set a correct OIDC URL 2. Enter correct credentials	Authorization is requested	2.16: ✅ New: ✅
Authorization	Authorize permissions and session	iDP finishes web browser and redirects to the client	2.16: ✅ New: ✅
Cancel login process	1. Set a correct OIDC URL 2. In iDP, cancel login process	Back to client	2.16: ✅ New: ✅
Logout	1. Complete login process in a OIDC server 2. Logout in the idP	Session logged out. Needed credentials again to enter the account	NA
Request flow
Check `openid-configuration` request	Enter an URL of OIDC server	The .well-known /openid-configuration endpoint must be checked to assure availability of OIDC. Response received	2.16: ✅ New: ✅
`register` endpoint available	In case the server supports Dynamic Client Registration, `register` endpoint is requested	Client id and secret id (not mandatory) is retrieved	NA	Android does not support yet
idP flow	Enter credentials in iDP	The `logon` endpoint is requested after entering credentials The `authorize` endpoint is requested after authorizing	2.16: ✅ New: ✅
idP flow with dynamic client registration	Enter credentials in iDP	The `logon` endpoint is requested after entering credentials The `authorize` endpoint is requested after authorizing using client id and secret id granted by register endpoint	NA	Android does not support yet
Redirection	Authorize session in idP	Web browser redirects correctly to the client and with session opened	2.16: ✅ New: ✅
Renewal	Wait till session time is exceed	`token` endoint is requested with refresh token to get a new token. This must be transparent for the client	2.16: ✅ New: ✅
ClientId/SecretId renewal	Wait till clientId/SecretId granted by register endpoint, expire	New ClientId/SecretId must be granted to request new tokens	NA	Android does not support yet
Migration
Basic -> OIDC	1. Login in basic auth server 2. Enable maintenance mode and upgrade to OIDC 3. Disable maintenance mode 4. Force re-login	User must re-authenticate against new OIDC	2.16 ✅ New: ✅
OAuth2 -> OIDC	1. Login in OAuth2 server 2. Enable maintenance mode and upgrade to OIDC 3. Disable maintenance mode	Token not valid anymore, and user must re-authenticate against new OIDC	2.16 ❌ New ✅	Crash fixed!!
OAuth2 -> OIDC + OAuth2	1. Login in OAuth2 server 2. Enable maintenance mode and upgrade to OIDC, keeping Oauth2 enabled 3. Disable maintenance mode	Token is not valid anymore. Must re-authenticate to start using OIDC	2.16 ✅ New: ✅

Smoke test: 2.16 ✅ New ✅

iOS

Openidconnect: 2.0.0RC1
Device: iPhoneXR
iOS version: 14.2

Tested with the current stable 11.4.5 and the new one 11.5, including Dynamic Client Registration

Test Case	Description	Expected	Result	Comments
User flow
Correct OIDC URL	Set a correct OIDC URL	Connection set to the URL	11.4: ✅ 11.5 ✅
Enter correct iDP credentials	1. Set a correct OIDC URL 2. Enter correct credentials	Authorization is requested	11.4: ✅ 11.5 ✅
Authorization	Authorize permissions and session	iDP finishes web browser and redirects to the client	11.4: ✅ 11.5 ✅
Cancel login process	1. Set a correct OIDC URL 2. In iDP, cancel login process	Back to client	11.4: ✅ 11.5 ✅
Logout	1. Complete login process in a OIDC server 2. Logout in the idP	Session logged out. Needed credentials again to enter the account	NA
Request flow
Check `openid-configuration` request	Enter an URL of OIDC server	The .well-known /openid-configuration endpoint must be checked to assure availability of OIDC. Response received	11.4: ✅ 11.5 ✅
`register` endpoint available	In case the server supports Dynamic Client Registration, `register` endpoint is requested	Client id and secret id (not mandatory) is retrieved	11.4: NA 11.5 ✅
idP flow	Enter credentials in iDP	The `logon` endpoint is requested after entering credentials The `authorize` endpoint is requested after authorizing	11.4: ✅ 11.5 ✅
idP flow with dynamic client registration	Enter credentials in iDP	The `logon` endpoint is requested after entering credentials The `authorize` endpoint is requested after authorizing using client id and secret id granted by register endpoint	11.4: NA 11.5 ✅
Redirection	Authorize session in idP	Web browser redirects correctly to the client and with session opened	11.4: ✅ 11.5 ✅
Renewal	Wait till session time is exceed	`token` endpoint is requested with refresh token to get a new token. This must be transparent for the client	11.4: 11.5 ✅
ClientId/SecretId renewal	Wait till clientId/SecretId granted by register endpoint, expire	New ClientId/SecretId must be granted to request new tokens	11.4: NA 11.5 ❌	Link
Migration
Basic -> OIDC	1. Login in basic auth server 2. Enable maintenance mode and upgrade to OIDC 3. Disable maintenance mode 4. Force re-login	User must re-authenticate against new OIDC	NA	Not supported. Link
OAuth2 -> OIDC	1. Login in OAuth2 server 2. Enable maintenance mode and upgrade to OIDC 3. Disable maintenance mode	Token not valid anymore, and user must re-authenticate against new OIDC	11.4 ✅ 11.5 ✅
OAuth2 -> OIDC + OAuth2	1. Login in OAuth2 server 2. Enable maintenance mode and upgrade to OIDC, keeping Oauth2 enabled 3. Disable maintenance mode	Token is valid anymore. Must re-authenticate to start using OIDC	11.4: ❌ 11.5 ❌	Open file list in browser

Smoke test: 11.4 ✅ 11.5 ✅

The text was updated successfully, but these errors were encountered:

jnweiger · 2021-01-15T20:09:41Z

@michaelstingl @jesmrec please fill in details where possible.

jesmrec · 2021-01-18T11:53:58Z

i added the link to the OIDC test plan i used to execute. Do you need more details there?

I will add dynamic registration test cases as soon as i start with it.

jnweiger · 2021-01-26T13:02:12Z

Changlog Testplan

dynamic client registration
Azure AD: Use access token payload instead of user info endpoint #103 azure ad with 'use-access-token-payload-for-user-info' => true,
Auto provisioning mode #118 autoprivisoning

jnweiger · 2021-01-28T01:21:51Z

Dynamic client registration with owncloud-2.7.0-daily20210127 (win10)

Tested against a server installation, where kopano has a konnectd-identifier-registration.yaml with an invalid entry

 - id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXE69
    secret: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXFeFh
    name: ownCloud desktop client
    application_type: native
    insecure: true
    trusted: true

and openidconnect-1.0.0 is running.
The client logs

20210127_1703_owncloud.log.0:01-27 17:09:00:663 [ info sync.httplogger ]:	"2a6d0b46-5dd3-43a0-82b9-36903bef9477: Response: POST 201 https://konnect.oidc-1-0-0-20210127.jw-qa.owncloud.works/konnect/v1/register Header: { Cache-Control: no-cache, no-store, must-revalidate, Content-Length: 2014, Content-Type: application/json; encoding=utf-8, Date: Thu, 28 Jan 2021 01:09:00 GMT, Pragma: no-cache, Referrer-Policy: origin, Server: Caddy, X-Content-Type-Options: nosniff, } Data: [{\n  \"client_id\": \"dyn.eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTE3OTk3NDAsImlhdCI6MTYxMTc5NjE0MCwic3ViIjoiSGUwUUdzRnFzOTZrQzlyMFZWM2RiLVVVZk51WWtjZmw4V1MzYklrUm5oM280RFhJYXJ0SHVmVDZUbkZodER0ZWN2VXR1SFpyNUNzQ1ZkdmZSbGcwNFEiLCJuYW1lIjoib3duQ2xvdWQgMi44LjBkYWlseTIwMjEwMTI3IChidWlsZCAzMTY4KSIsImdyYW50X3R5cGVzIjpbImF1dGhvcml6YXRpb25fY29kZSJdLCJhcHBsaWNhdGlvbl90eXBlIjoibmF0aXZlIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwOi8vbG9jYWxob3N0Il0sImlkX3Rva2VuX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoiY2xpZW50X3NlY3JldF9iYXNpYyJ9.zsZPHOu2R6QrPCvYA2sDzrb-mYGzPrY8mA-LaNsJPCVYkE4IJakBMOansGQENHWBNDazqp4IVwrH6msOncov3Eu2acXKrj-nBsDHvGBbHdNnoP-Yajkiz65anyBd5pODBGME-zkQgSknhQHOwvUybSTtEuOIxZGZfzWeWXguhBCMIln3k9IPGDGj25EgYxMId319nUzXYz2q2-qVfI7aAa-Cw7EeO052JdKFbr-JqvUWaCp8jwZju2FNXhaCXw1zg_A0ruGDFvBRmcZjjnrvthkw90IA9mT_qiwmhRK4cO_5etB0_ISG7BwvE9tE4U1pLC3QhCFoALchswqY1KDJQGO4xkJmeNn0M7xKDT6QL0b7hcxWMYwE2Lcy8lHJuRPMPiT6sG0P_V7aw8GjYKacOQYEUy2-l6YWoDau36E31_3JJKOINEpd9_dA3SYftTv6wk4vCuOWUhQB1vl2_z1x5y63zHM0hJe0w_1OR-VTBqLJkNmSukoFlaa3Po4MjNs24gfWtzf3NDvS8UodUMTl-M6LtvJH2lebWBWM-iVUlvdKGrOIHjqHNmGGTZiAvMATKGE8LfqbfNnmXM5e8IfvoVlxNKqkF7t1XnVpmO4f2XjqHJ3RMTLm86ah0hn1mcT_XcGk5mxr8vqQPWJ9YjZynnI9j-hfkYPPTxYPqO2BKgU\",\n  \"client_secret\": \"1ah0dQ0-SjHwkU_YdS2cfxBSiGyzJNl2w_vzpDWn38OGJJMKfE1QQuJohXPw9N2vrSJjXinSpJ0NnJnoKOzp6g\",\n  \"client_id_issued_at\": 1611796140,\n  \"client_secret_expires_at\": 1611799740,\n  \"redirect_uris\": [\n    \"http://localhost\"\n  ],\n  \"response_types\": [\n    \"code\"\n  ],\n  \"grant_types\": [\n    \"authorization_code\"\n  ],\n  \"application_type\": \"native\",\n  \"contacts\": null,\n  \"client_name\": \"ownCloud 2.8.0daily20210127 (build 3168)\",\n  \"client_uri\": \"\",\n  \"jwks\": null,\n  \"id_token_signed_response_alg\": \"RS256\",\n  \"userinfo_signed_response_alg\": \"\",\n  \"request_object_signing_alg\": \"\",\n  \"token_endpoint_auth_method\": \"client_secret_basic\",\n  \"token_endpoint_auth_signing_alg\": \"\",\n  \"post_logout_redirect_uris\": null\n}\n]"

The client user can login and syncing works fine. It is a surprise to see that in openidconnect-1.0.0 already. It was expected to not work in 1.0.0 and only work in 2.0.0

Files with the correct id and secret (unaffected by the above XXXXX):

/tmp/konnectd-identifier-registration.yaml
/kopano/ssl/konnectd-identifier-registration.yaml

files showing the XXXX Modification:

/etc/kopano/konnectd-identifier-registration.yaml

After patching all three files to have XXXXX, and after restarting the kopano service via docker-compose stop/up, client-2.8 can still connect.

jnweiger · 2021-01-28T11:15:29Z

Logfile excerpts output from client 2.8 daily 20210127, linebreaks added for readability via grep dyn owncloud.log.0 | sed -e 's/&/\n\t&/g' > dynlog.txt

01-28 02:04:35:537 [ info sync.httplogger ]:    "56a771cd-1c15-4c62-a459-60f19820d983: Response: POST 201 https://konnect.oidc-2-0-0rc1-20210128.jw-qa.owncloud.works/konnect/v1/register Header: { Cache-Control: no-cache, no-store, must-revalidate, Content-Length: 2014, Content-Type: application/json; encoding=utf-8, Date: Thu, 28 Jan 2021 10:04:35 GMT, Pragma: no-cache, Referrer-Policy: origin, Server: Caddy, X-Content-Type-Options: nosniff, } Data: [{
         \"client_id\": \"dyn.eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTE4MzE4NzUsImlhdCI6MTYxMTgyODI3NSwic3ViIjoibW5NQ0FXOXhjVEJUSTAySmp2a3JjUzU3TjhzT1Z6eHI5ZEwxUWJXWVM2MlY0d0J1dE0wZFBmM0V3cHl5ZkNQZ196RUhHWHU2OXgtQThrb3FVQjlFV3ciLCJuYW1lIjoib3duQ2xvdWQgMi44LjBkYWlseTIwMjEwMTI3IChidWlsZCAzMTY4KSIsImdyYW50X3R5cGVzIjpbImF1dGhvcml6YXRpb25fY29kZSJdLCJhcHBsaWNhdGlvbl90eXBlIjoibmF0aXZlIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwOi8vbG9jYWxob3N0Il0sImlkX3Rva2VuX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoiY2xpZW50X3NlY3JldF9iYXNpYyJ9.M0cvFvDax893ZVf6Nd_q8F4YkzH3PtV-Au_fTjoX2_-GXsLvi13c3oujT9j0yyqb5-PQYJ0jPWURYjb8H-bvGIsG0Wd3Z2zBwZum87nVkLSFoYA9uQIXT10BPzAYWRWZEdwX47PMtcsAbQIulbC7A9PvBZjXOGQCKUtbdWZm9rcCYszYcT1v8TXLEdSjuq3mpiY2r74vQ3fdmgbKI61oC_BBuYm9kK83eWaYp8epN9Ee3XBAw5nuhJnfDNGh_rERMNkWJT-vSe7-8e0jwqNiyJ1QXHaxYeuCywVcyYix2pF-M7xQVtfjKL5trkUNJMnBzmEGRrJQnxfzrj0OfjA7Xx6vOYrD-cMjZGkpncbTLPwWAWUbm2if-gI3ePLVrQLUieKuWV2gt2b5lyd1cexodyt--9Wcsl0JdFF1_F0bkg-J3JC9F6EcANT9TR0oamhN5CpC8IxnQ_g14kGdfX3fvPi6AA2sZjlCNDZJ2z2cOQm2-cy0ekU0r5tUPd8WvEiWDLIdunQ3psMviNIFMikgepivg3dCHoFX8raLqfiibqPgKxoGnXJ1PsDpgSbexMddwmlbi3Xv4rHvzkCbRsH5RDl_7AoPeZIogHvFzXlM7qmCKBNTXWxiVK56jzyoGxvdnywMUbHsgCCFxQEX7I3ol0kitDNGrrN5Oj1t3ktoWyE\",
         \"client_secret\": \"A3oKXCUxie-dzoMLj8SJf1Fv90rtVQ5EjmdWb4uTDeOiipcMXZUxVr5pp4Nd2v2dDbcb4NgJru7dtxXV8iDpxw\",
         \"client_id_issued_at\": 1611828275,
         \"client_secret_expires_at\": 1611831875,\n  \"redirect_uris\": [\n    \"http://localhost\"\n  ],\n  \"response_types\": [\n    \"code\"\n  ],\n  \"grant_types\": [\n    \"authorization_code\"\n  ],\n  \"application_type\": \"native\",\n  \"contacts\": null,\n  \"client_name\": \"ownCloud 2.8.0daily20210127 (build 3168)\",\n  \"client_uri\": \"\",\n  \"jwks\": null,\n  \"id_token_signed_response_alg\": \"RS256\",\n  \"userinfo_signed_response_alg\": \"\",\n  \"request_object_signing_alg\": \"\",\n  \"token_endpoint_auth_method\": \"client_secret_basic\",\n  \"token_endpoint_auth_signing_alg\": \"\",\n  \"post_logout_redirect_uris\": null\n}\n]"
...
01-28 02:26:15:541 [ info sync.httplogger ]:	"5663f71d-61dc-45df-b297-38463bead4c3: Request: POST https://konnect.oidc-2-0-0rc1-20210128.jw-qa.owncloud.works/konnect/v1/token Header: { Authorization: Basic [redacted], Content-Type: application/x-www-form-urlencoded; charset=UTF-8, User-Agent: Mozilla/5.0 (Windows) mirall/2.8.0daily20210127 (build 3168) (ownCloud, windows-10.0.19042 ClientArchitecture: x86_64 OsArchitecture: x86_64), Accept: */*, X-Request-ID: 5663f71d-61dc-45df-b297-38463bead4c3, Content-Length: 4671, } Data: [client_id=dyn.eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTE4MzE4NzUsImlhdCI6MTYxMTgyODI3NSwic3ViIjoibW5NQ0FXOXhjVEJUSTAySmp2a3JjUzU3TjhzT1Z6eHI5ZEwxUWJXWVM2MlY0d0J1dE0wZFBmM0V3cHl5ZkNQZ196RUhHWHU2OXgtQThrb3FVQjlFV3ciLCJuYW1lIjoib3duQ2xvdWQgMi44LjBkYWlseTIwMjEwMTI3IChidWlsZCAzMTY4KSIsImdyYW50X3R5cGVzIjpbImF1dGhvcml6YXRpb25fY29kZSJdLCJhcHBsaWNhdGlvbl90eXBlIjoibmF0aXZlIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwOi8vbG9jYWxob3N0Il0sImlkX3Rva2VuX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoiY2xpZW50X3NlY3JldF9iYXNpYyJ9.M0cvFvDax893ZVf6Nd_q8F4YkzH3PtV-Au_fTjoX2_-GXsLvi13c3oujT9j0yyqb5-PQYJ0jPWURYjb8H-bvGIsG0Wd3Z2zBwZum87nVkLSFoYA9uQIXT10BPzAYWRWZEdwX47PMtcsAbQIulbC7A9PvBZjXOGQCKUtbdWZm9rcCYszYcT1v8TXLEdSjuq3mpiY2r74vQ3fdmgbKI61oC_BBuYm9kK83eWaYp8epN9Ee3XBAw5nuhJnfDNGh_rERMNkWJT-vSe7-8e0jwqNiyJ1QXHaxYeuCywVcyYix2pF-M7xQVtfjKL5trkUNJMnBzmEGRrJQnxfzrj0OfjA7Xx6vOYrD-cMjZGkpncbTLPwWAWUbm2if-gI3ePLVrQLUieKuWV2gt2b5lyd1cexodyt--9Wcsl0JdFF1_F0bkg-J3JC9F6EcANT9TR0oamhN5CpC8IxnQ_g14kGdfX3fvPi6AA2sZjlCNDZJ2z2cOQm2-cy0ekU0r5tUPd8WvEiWDLIdunQ3psMviNIFMikgepivg3dCHoFX8raLqfiibqPgKxoGnXJ1PsDpgSbexMddwmlbi3Xv4rHvzkCbRsH5RDl_7AoPeZIogHvFzXlM7qmCKBNTXWxiVK56jzyoGxvdnywMUbHsgCCFxQEX7I3ol0kitDNGrrN5Oj1t3ktoWyE
	&client_secret=A3oKXCUxie-dzoMLj8SJf1Fv90rtVQ5EjmdWb4uTDeOiipcMXZUxVr5pp4Nd2v2dDbcb4NgJru7dtxXV8iDpxw
	&scope=openid%20offline_access%20email%20profile
	&grant_type=refresh_token
	&refresh_token=eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJkeW4uZXlKaGJHY2lPaUpRVXpJMU5pSXNJbXRwWkNJNkltdHZibTVsWTNSa0xYUnZhMlZ1Y3kxemFXZHVhVzVuTFd0bGVTSXNJblI1Y0NJNklrcFhWQ0o5LmV5SmxlSEFpT2pFMk1URTRNekU0TnpVc0ltbGhkQ0k2TVRZeE1UZ3lPREkzTlN3aWMzVmlJam9pYlc1TlEwRlhPWGhqVkVKVVNUQXlTbXAyYTNKalV6VTNUamh6VDFaNmVISTVaRXd4VVdKWFdWTTJNbFkwZDBKMWRFMHdaRkJtTTBWM2NIbDVaa05RWjE5NlJVaEhXSFUyT1hndFFUaHJiM0ZWUWpsRlYzY2lMQ0p1WVcxbElqb2liM2R1UTJ4dmRXUWdNaTQ0TGpCa1lXbHNlVEl3TWpFd01USTNJQ2hpZFdsc1pDQXpNVFk0S1NJc0ltZHlZVzUwWDNSNWNHVnpJanBiSW1GMWRHaHZjbWw2WVhScGIyNWZZMjlrWlNKZExDSmhjSEJzYVdOaGRHbHZibDkwZVhCbElqb2libUYwYVhabElpd2ljbVZrYVhKbFkzUmZkWEpwY3lJNld5Sm9kSFJ3T2k4dmJHOWpZV3hvYjNOMElsMHNJbWxrWDNSdmEyVnVYM05wWjI1bFpGOXlaWE53YjI1elpWOWhiR2NpT2lKU1V6STFOaUlzSW5SdmEyVnVYMlZ1WkhCdmFXNTBYMkYxZEdoZmJXVjBhRzlrSWpvaVkyeHBaVzUwWDNObFkzSmxkRjlpWVhOcFl5SjkuTTBjdkZ2RGF4ODkzWlZmNk5kX3E4RjRZa3pIM1B0Vi1BdV9mVGpvWDJfLUdYc0x2aTEzYzNvdWpUOWoweXlxYjUtUFFZSjBqUFdVUllqYjhILWJ2R0lzRzBXZDNaMnpCd1p1bTg3blZrTFNGb1lBOXVRSVhUMTBCUHpBWVdSV1pFZHdYNDdQTXRjc0FiUUl1bGJDN0E5UHZCWmpYT0dRQ0tVdGJkV1ptOXJjQ1lzelljVDF2OFRYTEVkU2p1cTNtcGlZMnI3NHZRM2ZkbWdiS0k2MW9DX0JCdVltOWtLODNlV2FZcDhlcE45RWUzWEJBdzVudWhKbmZETkdoX3JFUk1Oa1dKVC12U2U3LThlMGp3cU5peUoxUVhIYXhZZXVDeXdWY3lZaXgycEYtTTd4UVZ0ZmpLTDV0cmtVTkpNbkJ6bUVHUnJKUW54ZnpyajBPZmpBN1h4NnZPWXJELWNNalpHa3BuY2JUTFB3V0FXVWJtMmlmLWdJM2VQTFZyUUxVaWVLdVdWMmd0MmI1bHlkMWNleG9keXQtLTlXY3NsMEpkRkYxX0YwYmtnLUozSkM5RjZFY0FOVDlUUjBvYW1oTjVDcEM4SXhuUV9nMTRrR2RmWDNmdlBpNkFBMnNaamxDTkRaSjJ6MmNPUW0yLWN5MGVrVTByNXRVUGQ4V3ZFaVdETElkdW5RM3BzTXZpTklGTWlrZ2VwaXZnM2RDSG9GWDhyYUxxZmlpYnFQZ0t4b0duWEoxUHNEcGdTYmV4TWRkd21sYmkzWHY0ckh2emtDYlJzSDVSRGxfN0FvUGVaSW9nSHZGelhsTTdxbUNLQk5UWFd4aVZLNTZqenlvR3h2ZG55d01VYkhzZ0NDRnhRRVg3STNvbDBraXRETkdyck41T2oxdDNrdG9XeUUiLCJleHAiOjE3MDY0MzYzMzQsImp0aSI6InJOcGJtT2lxODJBUmdjLXFpSzFUMFRlLURvOGVpa3VQIiwiaWF0IjoxNjExODI4MzM0LCJpc3MiOiJodHRwczovL2tvbm5lY3Qub2lkYy0yLTAtMHJjMS0yMDIxMDEyOC5qdy1xYS5vd25jbG91ZC53b3JrcyIsInN1YiI6IkF0X25wMzIyNnlCYW5vRW1LcUFsNWxXZFY2YXQ1bW9HcDVUUUVxaE8xbGZJV0lHbDAzb0VtV194WERaRWtNbVJJTWhNUjRMRzM0a1hCNWpTZmFKaURBQGtvbm5lY3QiLCJrYy5pc1JlZnJlc2hUb2tlbiI6dHJ1ZSwia2MuYXBwcm92ZWRTY29wZXMiOlsiZW1haWwiLCJwcm9maWxlIiwib3BlbmlkIiwib2ZmbGluZV9hY2Nlc3MiXSwia2MucmVmIjoiazhJVDU4d19oYm95MDE3Y19IaGxVWVZHQ01lRVJoZG1rTUplUzl1TlRKMD0iLCJrYy5pZGVudGl0eSI6eyJrYy5pLmRuIjoiYWFsaXlhaCIsImtjLmkuaWQiOiJ1aWQ9YWFsaXlhaF9iZWVyLG91PXBlb3BsZSxkYz1vd25jbG91ZHFhLGRjPWNvbSIsImtjLmkudW4iOiJhYWxpeWFoX2JlZXIifSwia2MucHJvdmlkZXIiOiJpZGVudGlmaWVyLWxkYXAifQ.dA4b4XMQ_MzdI_Jh-cPvRYZ_EoVF945Xqj2XdA33yVnJVmNVi7ugK7-jAjbHj4T4UEmJHGSmK5fLNwuwX49zkgNC0pUad46u429GtY1f28FNzPxumIKIjmR0bcNpeykPGuaUQv4t762ZvRfsZNCilzPFV6ABEkBPc_uFxO0rCsB73rJjTRpb5yuwYPgWsuUApTWmMafmh30g6MK4N0_aeGdmumYhNAAOdqzogfUTUD_uxuaL4AcuQrprDhZ5TGJknGuYIzCOrrVT3VpZnB-k_vrckFo9niRiAo1qezP7Gd-GT4a5U2NY1molHe5J4r2A2tv5DSO9hO1GD2jwJah37r10GXrlSMwDIob5xZtPvAD9wVVEpmfHYon2q0bJ8dUNA72bllcsBRjg6CTrcCX-EAED_Ss4_N9hYATjv6xjsDE1Yp0LCSpc6zrXsqK3JN0XVieHKcUZ4-VeW1W_eGrgqJb_GInAXASZVtyawPxKkH41kGrz6JoIQ4Ege50bcAO79BFL7QUwYH6v-74XviST7_5Dbh6dNK03I4s-2A7CGAXTL4_M1QWa620Jk2Da5VuOmT0eWWfY35afieOFTzN7TTrNYTlBOIzTttq8aflfU8GTe56kso7xz0YKgb-OIWZUY7BS6RKZP_iBQt12Tn3kV9nT7TvSUVwxRgwYGtYYgCE]"
01-28 02:36:24:412 [ info sync.httplogger ]:	"c2ee840d-a40f-4c4a-a720-0a01550b925a: Request: POST https://konnect.oidc-2-0-0rc1-20210128.jw-qa.owncloud.works/konnect/v1/token Header: { Authorization: Basic [redacted], Content-Type: application/x-www-form-urlencoded; charset=UTF-8, User-Agent: Mozilla/5.0 (Windows) mirall/2.8.0daily20210127 (build 3168) (ownCloud, windows-10.0.19042 ClientArchitecture: x86_64 OsArchitecture: x86_64), Accept: */*, X-Request-ID: c2ee840d-a40f-4c4a-a720-0a01550b925a, Content-Length: 4671, } Data: [client_id=dyn.eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTE4MzE4NzUsImlhdCI6MTYxMTgyODI3NSwic3ViIjoibW5NQ0FXOXhjVEJUSTAySmp2a3JjUzU3TjhzT1Z6eHI5ZEwxUWJXWVM2MlY0d0J1dE0wZFBmM0V3cHl5ZkNQZ196RUhHWHU2OXgtQThrb3FVQjlFV3ciLCJuYW1lIjoib3duQ2xvdWQgMi44LjBkYWlseTIwMjEwMTI3IChidWlsZCAzMTY4KSIsImdyYW50X3R5cGVzIjpbImF1dGhvcml6YXRpb25fY29kZSJdLCJhcHBsaWNhdGlvbl90eXBlIjoibmF0aXZlIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwOi8vbG9jYWxob3N0Il0sImlkX3Rva2VuX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoiY2xpZW50X3NlY3JldF9iYXNpYyJ9.M0cvFvDax893ZVf6Nd_q8F4YkzH3PtV-Au_fTjoX2_-GXsLvi13c3oujT9j0yyqb5-PQYJ0jPWURYjb8H-bvGIsG0Wd3Z2zBwZum87nVkLSFoYA9uQIXT10BPzAYWRWZEdwX47PMtcsAbQIulbC7A9PvBZjXOGQCKUtbdWZm9rcCYszYcT1v8TXLEdSjuq3mpiY2r74vQ3fdmgbKI61oC_BBuYm9kK83eWaYp8epN9Ee3XBAw5nuhJnfDNGh_rERMNkWJT-vSe7-8e0jwqNiyJ1QXHaxYeuCywVcyYix2pF-M7xQVtfjKL5trkUNJMnBzmEGRrJQnxfzrj0OfjA7Xx6vOYrD-cMjZGkpncbTLPwWAWUbm2if-gI3ePLVrQLUieKuWV2gt2b5lyd1cexodyt--9Wcsl0JdFF1_F0bkg-J3JC9F6EcANT9TR0oamhN5CpC8IxnQ_g14kGdfX3fvPi6AA2sZjlCNDZJ2z2cOQm2-cy0ekU0r5tUPd8WvEiWDLIdunQ3psMviNIFMikgepivg3dCHoFX8raLqfiibqPgKxoGnXJ1PsDpgSbexMddwmlbi3Xv4rHvzkCbRsH5RDl_7AoPeZIogHvFzXlM7qmCKBNTXWxiVK56jzyoGxvdnywMUbHsgCCFxQEX7I3ol0kitDNGrrN5Oj1t3ktoWyE
	&client_secret=A3oKXCUxie-dzoMLj8SJf1Fv90rtVQ5EjmdWb4uTDeOiipcMXZUxVr5pp4Nd2v2dDbcb4NgJru7dtxXV8iDpxw
	&scope=openid%20offline_access%20email%20profile
	&grant_type=refresh_token
	&refresh_token=eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJkeW4uZXlKaGJHY2lPaUpRVXpJMU5pSXNJbXRwWkNJNkltdHZibTVsWTNSa0xYUnZhMlZ1Y3kxemFXZHVhVzVuTFd0bGVTSXNJblI1Y0NJNklrcFhWQ0o5LmV5SmxlSEFpT2pFMk1URTRNekU0TnpVc0ltbGhkQ0k2TVRZeE1UZ3lPREkzTlN3aWMzVmlJam9pYlc1TlEwRlhPWGhqVkVKVVNUQXlTbXAyYTNKalV6VTNUamh6VDFaNmVISTVaRXd4VVdKWFdWTTJNbFkwZDBKMWRFMHdaRkJtTTBWM2NIbDVaa05RWjE5NlJVaEhXSFUyT1hndFFUaHJiM0ZWUWpsRlYzY2lMQ0p1WVcxbElqb2liM2R1UTJ4dmRXUWdNaTQ0TGpCa1lXbHNlVEl3TWpFd01USTNJQ2hpZFdsc1pDQXpNVFk0S1NJc0ltZHlZVzUwWDNSNWNHVnpJanBiSW1GMWRHaHZjbWw2WVhScGIyNWZZMjlrWlNKZExDSmhjSEJzYVdOaGRHbHZibDkwZVhCbElqb2libUYwYVhabElpd2ljbVZrYVhKbFkzUmZkWEpwY3lJNld5Sm9kSFJ3T2k4dmJHOWpZV3hvYjNOMElsMHNJbWxrWDNSdmEyVnVYM05wWjI1bFpGOXlaWE53YjI1elpWOWhiR2NpT2lKU1V6STFOaUlzSW5SdmEyVnVYMlZ1WkhCdmFXNTBYMkYxZEdoZmJXVjBhRzlrSWpvaVkyeHBaVzUwWDNObFkzSmxkRjlpWVhOcFl5SjkuTTBjdkZ2RGF4ODkzWlZmNk5kX3E4RjRZa3pIM1B0Vi1BdV9mVGpvWDJfLUdYc0x2aTEzYzNvdWpUOWoweXlxYjUtUFFZSjBqUFdVUllqYjhILWJ2R0lzRzBXZDNaMnpCd1p1bTg3blZrTFNGb1lBOXVRSVhUMTBCUHpBWVdSV1pFZHdYNDdQTXRjc0FiUUl1bGJDN0E5UHZCWmpYT0dRQ0tVdGJkV1ptOXJjQ1lzelljVDF2OFRYTEVkU2p1cTNtcGlZMnI3NHZRM2ZkbWdiS0k2MW9DX0JCdVltOWtLODNlV2FZcDhlcE45RWUzWEJBdzVudWhKbmZETkdoX3JFUk1Oa1dKVC12U2U3LThlMGp3cU5peUoxUVhIYXhZZXVDeXdWY3lZaXgycEYtTTd4UVZ0ZmpLTDV0cmtVTkpNbkJ6bUVHUnJKUW54ZnpyajBPZmpBN1h4NnZPWXJELWNNalpHa3BuY2JUTFB3V0FXVWJtMmlmLWdJM2VQTFZyUUxVaWVLdVdWMmd0MmI1bHlkMWNleG9keXQtLTlXY3NsMEpkRkYxX0YwYmtnLUozSkM5RjZFY0FOVDlUUjBvYW1oTjVDcEM4SXhuUV9nMTRrR2RmWDNmdlBpNkFBMnNaamxDTkRaSjJ6MmNPUW0yLWN5MGVrVTByNXRVUGQ4V3ZFaVdETElkdW5RM3BzTXZpTklGTWlrZ2VwaXZnM2RDSG9GWDhyYUxxZmlpYnFQZ0t4b0duWEoxUHNEcGdTYmV4TWRkd21sYmkzWHY0ckh2emtDYlJzSDVSRGxfN0FvUGVaSW9nSHZGelhsTTdxbUNLQk5UWFd4aVZLNTZqenlvR3h2ZG55d01VYkhzZ0NDRnhRRVg3STNvbDBraXRETkdyck41T2oxdDNrdG9XeUUiLCJleHAiOjE3MDY0MzYzMzQsImp0aSI6InJOcGJtT2lxODJBUmdjLXFpSzFUMFRlLURvOGVpa3VQIiwiaWF0IjoxNjExODI4MzM0LCJpc3MiOiJodHRwczovL2tvbm5lY3Qub2lkYy0yLTAtMHJjMS0yMDIxMDEyOC5qdy1xYS5vd25jbG91ZC53b3JrcyIsInN1YiI6IkF0X25wMzIyNnlCYW5vRW1LcUFsNWxXZFY2YXQ1bW9HcDVUUUVxaE8xbGZJV0lHbDAzb0VtV194WERaRWtNbVJJTWhNUjRMRzM0a1hCNWpTZmFKaURBQGtvbm5lY3QiLCJrYy5pc1JlZnJlc2hUb2tlbiI6dHJ1ZSwia2MuYXBwcm92ZWRTY29wZXMiOlsiZW1haWwiLCJwcm9maWxlIiwib3BlbmlkIiwib2ZmbGluZV9hY2Nlc3MiXSwia2MucmVmIjoiazhJVDU4d19oYm95MDE3Y19IaGxVWVZHQ01lRVJoZG1rTUplUzl1TlRKMD0iLCJrYy5pZGVudGl0eSI6eyJrYy5pLmRuIjoiYWFsaXlhaCIsImtjLmkuaWQiOiJ1aWQ9YWFsaXlhaF9iZWVyLG91PXBlb3BsZSxkYz1vd25jbG91ZHFhLGRjPWNvbSIsImtjLmkudW4iOiJhYWxpeWFoX2JlZXIifSwia2MucHJvdmlkZXIiOiJpZGVudGlmaWVyLWxkYXAifQ.dA4b4XMQ_MzdI_Jh-cPvRYZ_EoVF945Xqj2XdA33yVnJVmNVi7ugK7-jAjbHj4T4UEmJHGSmK5fLNwuwX49zkgNC0pUad46u429GtY1f28FNzPxumIKIjmR0bcNpeykPGuaUQv4t762ZvRfsZNCilzPFV6ABEkBPc_uFxO0rCsB73rJjTRpb5yuwYPgWsuUApTWmMafmh30g6MK4N0_aeGdmumYhNAAOdqzogfUTUD_uxuaL4AcuQrprDhZ5TGJknGuYIzCOrrVT3VpZnB-k_vrckFo9niRiAo1qezP7Gd-GT4a5U2NY1molHe5J4r2A2tv5DSO9hO1GD2jwJah37r10GXrlSMwDIob5xZtPvAD9wVVEpmfHYon2q0bJ8dUNA72bllcsBRjg6CTrcCX-EAED_Ss4_N9hYATjv6xjsDE1Yp0LCSpc6zrXsqK3JN0XVieHKcUZ4-VeW1W_eGrgqJb_GInAXASZVtyawPxKkH41kGrz6JoIQ4Ege50bcAO79BFL7QUwYH6v-74XviST7_5Dbh6dNK03I4s-2A7CGAXTL4_M1QWa620Jk2Da5VuOmT0eWWfY35afieOFTzN7TTrNYTlBOIzTttq8aflfU8GTe56kso7xz0YKgb-OIWZUY7BS6RKZP_iBQt12Tn3kV9nT7TvSUVwxRgwYGtYYgCE]"
01-28 02:46:54:565 [ info sync.httplogger ]:	"c9fe9a23-1196-447b-b420-b18fdaa06178: Request: POST https://konnect.oidc-2-0-0rc1-20210128.jw-qa.owncloud.works/konnect/v1/token Header: { Authorization: Basic [redacted], Content-Type: application/x-www-form-urlencoded; charset=UTF-8, User-Agent: Mozilla/5.0 (Windows) mirall/2.8.0daily20210127 (build 3168) (ownCloud, windows-10.0.19042 ClientArchitecture: x86_64 OsArchitecture: x86_64), Accept: */*, X-Request-ID: c9fe9a23-1196-447b-b420-b18fdaa06178, Content-Length: 4671, } Data: [client_id=dyn.eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTE4MzE4NzUsImlhdCI6MTYxMTgyODI3NSwic3ViIjoibW5NQ0FXOXhjVEJUSTAySmp2a3JjUzU3TjhzT1Z6eHI5ZEwxUWJXWVM2MlY0d0J1dE0wZFBmM0V3cHl5ZkNQZ196RUhHWHU2OXgtQThrb3FVQjlFV3ciLCJuYW1lIjoib3duQ2xvdWQgMi44LjBkYWlseTIwMjEwMTI3IChidWlsZCAzMTY4KSIsImdyYW50X3R5cGVzIjpbImF1dGhvcml6YXRpb25fY29kZSJdLCJhcHBsaWNhdGlvbl90eXBlIjoibmF0aXZlIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwOi8vbG9jYWxob3N0Il0sImlkX3Rva2VuX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoiY2xpZW50X3NlY3JldF9iYXNpYyJ9.M0cvFvDax893ZVf6Nd_q8F4YkzH3PtV-Au_fTjoX2_-GXsLvi13c3oujT9j0yyqb5-PQYJ0jPWURYjb8H-bvGIsG0Wd3Z2zBwZum87nVkLSFoYA9uQIXT10BPzAYWRWZEdwX47PMtcsAbQIulbC7A9PvBZjXOGQCKUtbdWZm9rcCYszYcT1v8TXLEdSjuq3mpiY2r74vQ3fdmgbKI61oC_BBuYm9kK83eWaYp8epN9Ee3XBAw5nuhJnfDNGh_rERMNkWJT-vSe7-8e0jwqNiyJ1QXHaxYeuCywVcyYix2pF-M7xQVtfjKL5trkUNJMnBzmEGRrJQnxfzrj0OfjA7Xx6vOYrD-cMjZGkpncbTLPwWAWUbm2if-gI3ePLVrQLUieKuWV2gt2b5lyd1cexodyt--9Wcsl0JdFF1_F0bkg-J3JC9F6EcANT9TR0oamhN5CpC8IxnQ_g14kGdfX3fvPi6AA2sZjlCNDZJ2z2cOQm2-cy0ekU0r5tUPd8WvEiWDLIdunQ3psMviNIFMikgepivg3dCHoFX8raLqfiibqPgKxoGnXJ1PsDpgSbexMddwmlbi3Xv4rHvzkCbRsH5RDl_7AoPeZIogHvFzXlM7qmCKBNTXWxiVK56jzyoGxvdnywMUbHsgCCFxQEX7I3ol0kitDNGrrN5Oj1t3ktoWyE
	&client_secret=A3oKXCUxie-dzoMLj8SJf1Fv90rtVQ5EjmdWb4uTDeOiipcMXZUxVr5pp4Nd2v2dDbcb4NgJru7dtxXV8iDpxw
	&scope=openid%20offline_access%20email%20profile
	&grant_type=refresh_token
	&refresh_token=eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJkeW4uZXlKaGJHY2lPaUpRVXpJMU5pSXNJbXRwWkNJNkltdHZibTVsWTNSa0xYUnZhMlZ1Y3kxemFXZHVhVzVuTFd0bGVTSXNJblI1Y0NJNklrcFhWQ0o5LmV5SmxlSEFpT2pFMk1URTRNekU0TnpVc0ltbGhkQ0k2TVRZeE1UZ3lPREkzTlN3aWMzVmlJam9pYlc1TlEwRlhPWGhqVkVKVVNUQXlTbXAyYTNKalV6VTNUamh6VDFaNmVISTVaRXd4VVdKWFdWTTJNbFkwZDBKMWRFMHdaRkJtTTBWM2NIbDVaa05RWjE5NlJVaEhXSFUyT1hndFFUaHJiM0ZWUWpsRlYzY2lMQ0p1WVcxbElqb2liM2R1UTJ4dmRXUWdNaTQ0TGpCa1lXbHNlVEl3TWpFd01USTNJQ2hpZFdsc1pDQXpNVFk0S1NJc0ltZHlZVzUwWDNSNWNHVnpJanBiSW1GMWRHaHZjbWw2WVhScGIyNWZZMjlrWlNKZExDSmhjSEJzYVdOaGRHbHZibDkwZVhCbElqb2libUYwYVhabElpd2ljbVZrYVhKbFkzUmZkWEpwY3lJNld5Sm9kSFJ3T2k4dmJHOWpZV3hvYjNOMElsMHNJbWxrWDNSdmEyVnVYM05wWjI1bFpGOXlaWE53YjI1elpWOWhiR2NpT2lKU1V6STFOaUlzSW5SdmEyVnVYMlZ1WkhCdmFXNTBYMkYxZEdoZmJXVjBhRzlrSWpvaVkyeHBaVzUwWDNObFkzSmxkRjlpWVhOcFl5SjkuTTBjdkZ2RGF4ODkzWlZmNk5kX3E4RjRZa3pIM1B0Vi1BdV9mVGpvWDJfLUdYc0x2aTEzYzNvdWpUOWoweXlxYjUtUFFZSjBqUFdVUllqYjhILWJ2R0lzRzBXZDNaMnpCd1p1bTg3blZrTFNGb1lBOXVRSVhUMTBCUHpBWVdSV1pFZHdYNDdQTXRjc0FiUUl1bGJDN0E5UHZCWmpYT0dRQ0tVdGJkV1ptOXJjQ1lzelljVDF2OFRYTEVkU2p1cTNtcGlZMnI3NHZRM2ZkbWdiS0k2MW9DX0JCdVltOWtLODNlV2FZcDhlcE45RWUzWEJBdzVudWhKbmZETkdoX3JFUk1Oa1dKVC12U2U3LThlMGp3cU5peUoxUVhIYXhZZXVDeXdWY3lZaXgycEYtTTd4UVZ0ZmpLTDV0cmtVTkpNbkJ6bUVHUnJKUW54ZnpyajBPZmpBN1h4NnZPWXJELWNNalpHa3BuY2JUTFB3V0FXVWJtMmlmLWdJM2VQTFZyUUxVaWVLdVdWMmd0MmI1bHlkMWNleG9keXQtLTlXY3NsMEpkRkYxX0YwYmtnLUozSkM5RjZFY0FOVDlUUjBvYW1oTjVDcEM4SXhuUV9nMTRrR2RmWDNmdlBpNkFBMnNaamxDTkRaSjJ6MmNPUW0yLWN5MGVrVTByNXRVUGQ4V3ZFaVdETElkdW5RM3BzTXZpTklGTWlrZ2VwaXZnM2RDSG9GWDhyYUxxZmlpYnFQZ0t4b0duWEoxUHNEcGdTYmV4TWRkd21sYmkzWHY0ckh2emtDYlJzSDVSRGxfN0FvUGVaSW9nSHZGelhsTTdxbUNLQk5UWFd4aVZLNTZqenlvR3h2ZG55d01VYkhzZ0NDRnhRRVg3STNvbDBraXRETkdyck41T2oxdDNrdG9XeUUiLCJleHAiOjE3MDY0MzYzMzQsImp0aSI6InJOcGJtT2lxODJBUmdjLXFpSzFUMFRlLURvOGVpa3VQIiwiaWF0IjoxNjExODI4MzM0LCJpc3MiOiJodHRwczovL2tvbm5lY3Qub2lkYy0yLTAtMHJjMS0yMDIxMDEyOC5qdy1xYS5vd25jbG91ZC53b3JrcyIsInN1YiI6IkF0X25wMzIyNnlCYW5vRW1LcUFsNWxXZFY2YXQ1bW9HcDVUUUVxaE8xbGZJV0lHbDAzb0VtV194WERaRWtNbVJJTWhNUjRMRzM0a1hCNWpTZmFKaURBQGtvbm5lY3QiLCJrYy5pc1JlZnJlc2hUb2tlbiI6dHJ1ZSwia2MuYXBwcm92ZWRTY29wZXMiOlsiZW1haWwiLCJwcm9maWxlIiwib3BlbmlkIiwib2ZmbGluZV9hY2Nlc3MiXSwia2MucmVmIjoiazhJVDU4d19oYm95MDE3Y19IaGxVWVZHQ01lRVJoZG1rTUplUzl1TlRKMD0iLCJrYy5pZGVudGl0eSI6eyJrYy5pLmRuIjoiYWFsaXlhaCIsImtjLmkuaWQiOiJ1aWQ9YWFsaXlhaF9iZWVyLG91PXBlb3BsZSxkYz1vd25jbG91ZHFhLGRjPWNvbSIsImtjLmkudW4iOiJhYWxpeWFoX2JlZXIifSwia2MucHJvdmlkZXIiOiJpZGVudGlmaWVyLWxkYXAifQ.dA4b4XMQ_MzdI_Jh-cPvRYZ_EoVF945Xqj2XdA33yVnJVmNVi7ugK7-jAjbHj4T4UEmJHGSmK5fLNwuwX49zkgNC0pUad46u429GtY1f28FNzPxumIKIjmR0bcNpeykPGuaUQv4t762ZvRfsZNCilzPFV6ABEkBPc_uFxO0rCsB73rJjTRpb5yuwYPgWsuUApTWmMafmh30g6MK4N0_aeGdmumYhNAAOdqzogfUTUD_uxuaL4AcuQrprDhZ5TGJknGuYIzCOrrVT3VpZnB-k_vrckFo9niRiAo1qezP7Gd-GT4a5U2NY1molHe5J4r2A2tv5DSO9hO1GD2jwJah37r10GXrlSMwDIob5xZtPvAD9wVVEpmfHYon2q0bJ8dUNA72bllcsBRjg6CTrcCX-EAED_Ss4_N9hYATjv6xjsDE1Yp0LCSpc6zrXsqK3JN0XVieHKcUZ4-VeW1W_eGrgqJb_GInAXASZVtyawPxKkH41kGrz6JoIQ4Ege50bcAO79BFL7QUwYH6v-74XviST7_5Dbh6dNK03I4s-2A7CGAXTL4_M1QWa620Jk2Da5VuOmT0eWWfY35afieOFTzN7TTrNYTlBOIzTttq8aflfU8GTe56kso7xz0YKgb-OIWZUY7BS6RKZP_iBQt12Tn3kV9nT7TvSUVwxRgwYGtYYgCE]"
01-28 02:57:25:000 [ info sync.httplogger ]:	"9f52b16f-4ca9-4476-bae4-f3c87967389f: Request: POST https://konnect.oidc-2-0-0rc1-20210128.jw-qa.owncloud.works/konnect/v1/token Header: { Authorization: Basic [redacted], Content-Type: application/x-www-form-urlencoded; charset=UTF-8, User-Agent: Mozilla/5.0 (Windows) mirall/2.8.0daily20210127 (build 3168) (ownCloud, windows-10.0.19042 ClientArchitecture: x86_64 OsArchitecture: x86_64), Accept: */*, X-Request-ID: 9f52b16f-4ca9-4476-bae4-f3c87967389f, Content-Length: 4671, } Data: [client_id=dyn.eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTE4MzE4NzUsImlhdCI6MTYxMTgyODI3NSwic3ViIjoibW5NQ0FXOXhjVEJUSTAySmp2a3JjUzU3TjhzT1Z6eHI5ZEwxUWJXWVM2MlY0d0J1dE0wZFBmM0V3cHl5ZkNQZ196RUhHWHU2OXgtQThrb3FVQjlFV3ciLCJuYW1lIjoib3duQ2xvdWQgMi44LjBkYWlseTIwMjEwMTI3IChidWlsZCAzMTY4KSIsImdyYW50X3R5cGVzIjpbImF1dGhvcml6YXRpb25fY29kZSJdLCJhcHBsaWNhdGlvbl90eXBlIjoibmF0aXZlIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwOi8vbG9jYWxob3N0Il0sImlkX3Rva2VuX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoiY2xpZW50X3NlY3JldF9iYXNpYyJ9.M0cvFvDax893ZVf6Nd_q8F4YkzH3PtV-Au_fTjoX2_-GXsLvi13c3oujT9j0yyqb5-PQYJ0jPWURYjb8H-bvGIsG0Wd3Z2zBwZum87nVkLSFoYA9uQIXT10BPzAYWRWZEdwX47PMtcsAbQIulbC7A9PvBZjXOGQCKUtbdWZm9rcCYszYcT1v8TXLEdSjuq3mpiY2r74vQ3fdmgbKI61oC_BBuYm9kK83eWaYp8epN9Ee3XBAw5nuhJnfDNGh_rERMNkWJT-vSe7-8e0jwqNiyJ1QXHaxYeuCywVcyYix2pF-M7xQVtfjKL5trkUNJMnBzmEGRrJQnxfzrj0OfjA7Xx6vOYrD-cMjZGkpncbTLPwWAWUbm2if-gI3ePLVrQLUieKuWV2gt2b5lyd1cexodyt--9Wcsl0JdFF1_F0bkg-J3JC9F6EcANT9TR0oamhN5CpC8IxnQ_g14kGdfX3fvPi6AA2sZjlCNDZJ2z2cOQm2-cy0ekU0r5tUPd8WvEiWDLIdunQ3psMviNIFMikgepivg3dCHoFX8raLqfiibqPgKxoGnXJ1PsDpgSbexMddwmlbi3Xv4rHvzkCbRsH5RDl_7AoPeZIogHvFzXlM7qmCKBNTXWxiVK56jzyoGxvdnywMUbHsgCCFxQEX7I3ol0kitDNGrrN5Oj1t3ktoWyE
	&client_secret=A3oKXCUxie-dzoMLj8SJf1Fv90rtVQ5EjmdWb4uTDeOiipcMXZUxVr5pp4Nd2v2dDbcb4NgJru7dtxXV8iDpxw
	&scope=openid%20offline_access%20email%20profile
	&grant_type=refresh_token
	&refresh_token=eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJkeW4uZXlKaGJHY2lPaUpRVXpJMU5pSXNJbXRwWkNJNkltdHZibTVsWTNSa0xYUnZhMlZ1Y3kxemFXZHVhVzVuTFd0bGVTSXNJblI1Y0NJNklrcFhWQ0o5LmV5SmxlSEFpT2pFMk1URTRNekU0TnpVc0ltbGhkQ0k2TVRZeE1UZ3lPREkzTlN3aWMzVmlJam9pYlc1TlEwRlhPWGhqVkVKVVNUQXlTbXAyYTNKalV6VTNUamh6VDFaNmVISTVaRXd4VVdKWFdWTTJNbFkwZDBKMWRFMHdaRkJtTTBWM2NIbDVaa05RWjE5NlJVaEhXSFUyT1hndFFUaHJiM0ZWUWpsRlYzY2lMQ0p1WVcxbElqb2liM2R1UTJ4dmRXUWdNaTQ0TGpCa1lXbHNlVEl3TWpFd01USTNJQ2hpZFdsc1pDQXpNVFk0S1NJc0ltZHlZVzUwWDNSNWNHVnpJanBiSW1GMWRHaHZjbWw2WVhScGIyNWZZMjlrWlNKZExDSmhjSEJzYVdOaGRHbHZibDkwZVhCbElqb2libUYwYVhabElpd2ljbVZrYVhKbFkzUmZkWEpwY3lJNld5Sm9kSFJ3T2k4dmJHOWpZV3hvYjNOMElsMHNJbWxrWDNSdmEyVnVYM05wWjI1bFpGOXlaWE53YjI1elpWOWhiR2NpT2lKU1V6STFOaUlzSW5SdmEyVnVYMlZ1WkhCdmFXNTBYMkYxZEdoZmJXVjBhRzlrSWpvaVkyeHBaVzUwWDNObFkzSmxkRjlpWVhOcFl5SjkuTTBjdkZ2RGF4ODkzWlZmNk5kX3E4RjRZa3pIM1B0Vi1BdV9mVGpvWDJfLUdYc0x2aTEzYzNvdWpUOWoweXlxYjUtUFFZSjBqUFdVUllqYjhILWJ2R0lzRzBXZDNaMnpCd1p1bTg3blZrTFNGb1lBOXVRSVhUMTBCUHpBWVdSV1pFZHdYNDdQTXRjc0FiUUl1bGJDN0E5UHZCWmpYT0dRQ0tVdGJkV1ptOXJjQ1lzelljVDF2OFRYTEVkU2p1cTNtcGlZMnI3NHZRM2ZkbWdiS0k2MW9DX0JCdVltOWtLODNlV2FZcDhlcE45RWUzWEJBdzVudWhKbmZETkdoX3JFUk1Oa1dKVC12U2U3LThlMGp3cU5peUoxUVhIYXhZZXVDeXdWY3lZaXgycEYtTTd4UVZ0ZmpLTDV0cmtVTkpNbkJ6bUVHUnJKUW54ZnpyajBPZmpBN1h4NnZPWXJELWNNalpHa3BuY2JUTFB3V0FXVWJtMmlmLWdJM2VQTFZyUUxVaWVLdVdWMmd0MmI1bHlkMWNleG9keXQtLTlXY3NsMEpkRkYxX0YwYmtnLUozSkM5RjZFY0FOVDlUUjBvYW1oTjVDcEM4SXhuUV9nMTRrR2RmWDNmdlBpNkFBMnNaamxDTkRaSjJ6MmNPUW0yLWN5MGVrVTByNXRVUGQ4V3ZFaVdETElkdW5RM3BzTXZpTklGTWlrZ2VwaXZnM2RDSG9GWDhyYUxxZmlpYnFQZ0t4b0duWEoxUHNEcGdTYmV4TWRkd21sYmkzWHY0ckh2emtDYlJzSDVSRGxfN0FvUGVaSW9nSHZGelhsTTdxbUNLQk5UWFd4aVZLNTZqenlvR3h2ZG55d01VYkhzZ0NDRnhRRVg3STNvbDBraXRETkdyck41T2oxdDNrdG9XeUUiLCJleHAiOjE3MDY0MzYzMzQsImp0aSI6InJOcGJtT2lxODJBUmdjLXFpSzFUMFRlLURvOGVpa3VQIiwiaWF0IjoxNjExODI4MzM0LCJpc3MiOiJodHRwczovL2tvbm5lY3Qub2lkYy0yLTAtMHJjMS0yMDIxMDEyOC5qdy1xYS5vd25jbG91ZC53b3JrcyIsInN1YiI6IkF0X25wMzIyNnlCYW5vRW1LcUFsNWxXZFY2YXQ1bW9HcDVUUUVxaE8xbGZJV0lHbDAzb0VtV194WERaRWtNbVJJTWhNUjRMRzM0a1hCNWpTZmFKaURBQGtvbm5lY3QiLCJrYy5pc1JlZnJlc2hUb2tlbiI6dHJ1ZSwia2MuYXBwcm92ZWRTY29wZXMiOlsiZW1haWwiLCJwcm9maWxlIiwib3BlbmlkIiwib2ZmbGluZV9hY2Nlc3MiXSwia2MucmVmIjoiazhJVDU4d19oYm95MDE3Y19IaGxVWVZHQ01lRVJoZG1rTUplUzl1TlRKMD0iLCJrYy5pZGVudGl0eSI6eyJrYy5pLmRuIjoiYWFsaXlhaCIsImtjLmkuaWQiOiJ1aWQ9YWFsaXlhaF9iZWVyLG91PXBlb3BsZSxkYz1vd25jbG91ZHFhLGRjPWNvbSIsImtjLmkudW4iOiJhYWxpeWFoX2JlZXIifSwia2MucHJvdmlkZXIiOiJpZGVudGlmaWVyLWxkYXAifQ.dA4b4XMQ_MzdI_Jh-cPvRYZ_EoVF945Xqj2XdA33yVnJVmNVi7ugK7-jAjbHj4T4UEmJHGSmK5fLNwuwX49zkgNC0pUad46u429GtY1f28FNzPxumIKIjmR0bcNpeykPGuaUQv4t762ZvRfsZNCilzPFV6ABEkBPc_uFxO0rCsB73rJjTRpb5yuwYPgWsuUApTWmMafmh30g6MK4N0_aeGdmumYhNAAOdqzogfUTUD_uxuaL4AcuQrprDhZ5TGJknGuYIzCOrrVT3VpZnB-k_vrckFo9niRiAo1qezP7Gd-GT4a5U2NY1molHe5J4r2A2tv5DSO9hO1GD2jwJah37r10GXrlSMwDIob5xZtPvAD9wVVEpmfHYon2q0bJ8dUNA72bllcsBRjg6CTrcCX-EAED_Ss4_N9hYATjv6xjsDE1Yp0LCSpc6zrXsqK3JN0XVieHKcUZ4-VeW1W_eGrgqJb_GInAXASZVtyawPxKkH41kGrz6JoIQ4Ege50bcAO79BFL7QUwYH6v-74XviST7_5Dbh6dNK03I4s-2A7CGAXTL4_M1QWa620Jk2Da5VuOmT0eWWfY35afieOFTzN7TTrNYTlBOIzTttq8aflfU8GTe56kso7xz0YKgb-OIWZUY7BS6RKZP_iBQt12Tn3kV9nT7TvSUVwxRgwYGtYYgCE]"

@TheOneRing The client remains connected and is happily syncing.
But it seems odd that the client first logs a response containing "dyn", then only logs requests contianing "dyn" without any more responses with "dyn"
ownCloud-logdir.zip

TheOneRing · 2021-01-28T11:47:53Z

Well the first is the response in which we got the new client id after the registrations.
The other entries are token refreshs where we use that id.
So looks fine to me.

jnweiger · 2021-01-29T12:58:31Z

Should the dynamic client ID also refresh itself ater some time? Or is this infinitly valid?

TheOneRing · 2021-01-29T13:06:24Z

It times out, the response returning the id also provides client_secret_expires_at

jnweiger · 2021-01-29T16:50:33Z

Tests successful wrt to openidconnect--2.0.0 - client issues pending.

jnweiger mentioned this issue Jan 12, 2021

OpenID Connect 2.0.0 #104

Closed

31 tasks

jnweiger mentioned this issue Jan 29, 2021

[QA] dynamic registration times out after 1h owncloud/client#8402

Closed

jnweiger closed this as completed Jan 29, 2021

jnweiger mentioned this issue Jul 22, 2021

Release openidconnect 2.1.0 #168

Closed

45 tasks

jnweiger mentioned this issue Sep 14, 2021

[QA] 2.1.0 Testplan #179

Closed

jnweiger mentioned this issue Feb 25, 2022

[QA] 2.1.1 Testplan #210

Closed

jnweiger mentioned this issue Jul 13, 2022

[QA] 2.2.0 Testplan #240

Closed

3 tasks

jnweiger mentioned this issue Jul 10, 2024

[QA] 2.3.0 Testplan #316

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[QA] 2.0.0 Testplan #132

[QA] 2.0.0 Testplan #132

jnweiger commented Jan 12, 2021 •

edited

Loading

jnweiger commented Jan 15, 2021

jesmrec commented Jan 18, 2021

jnweiger commented Jan 26, 2021 •

edited

Loading

jnweiger commented Jan 28, 2021 •

edited

Loading

jnweiger commented Jan 28, 2021 •

edited

Loading

TheOneRing commented Jan 28, 2021

jnweiger commented Jan 29, 2021

TheOneRing commented Jan 29, 2021

jnweiger commented Jan 29, 2021

[QA] 2.0.0 Testplan #132

[QA] 2.0.0 Testplan #132

Comments

jnweiger commented Jan 12, 2021 • edited Loading

Setup

Testplan

openidconnect-1.0.0 Web UI + desktop client 2.7.5RC2

Android

Smoke test: 2.16 ✅ New ✅

iOS

jnweiger commented Jan 15, 2021

jesmrec commented Jan 18, 2021

jnweiger commented Jan 26, 2021 • edited Loading

Changlog Testplan

jnweiger commented Jan 28, 2021 • edited Loading

jnweiger commented Jan 28, 2021 • edited Loading

TheOneRing commented Jan 28, 2021

jnweiger commented Jan 29, 2021

TheOneRing commented Jan 29, 2021

jnweiger commented Jan 29, 2021

jnweiger commented Jan 12, 2021 •

edited

Loading

jnweiger commented Jan 26, 2021 •

edited

Loading

jnweiger commented Jan 28, 2021 •

edited

Loading

jnweiger commented Jan 28, 2021 •

edited

Loading